An anonymous reader shares a report: Last week South Korea's SK Hynix announced it would partner with Purdue University on a $3.9 billion semiconductor complex here, the largest single corporate investment in state history. Now comes the hard part. SK Hynix must not only build the fabrication plant, or fab, which will package high-bandwidth memory chips used in artificial intelligence, and a connected research-and-development center. It also has to staff them. "We need several hundred engineers to operate our advanced-packaging manufacturing fab -- in physics, chemistry, material science, electronics engineering," Kwak Noh-Jung, chief executive of SK Hynix, said in an interview following last week's announcement.

Staffing a fab is harder in the U.S. than in South Korea, where SK Hynix has contracts with local universities and its own in-house university. Nonetheless, Kwak said, "the final goal is very clear. We need to have very good engineers for our success in U.S." The U.S. is trying to do something unprecedented: reverse a shrinking share in a key manufacturing sector. Between 1990 and 2020, the U.S. share of world chip making shrank to 12% from 37%, while the combined share of Taiwan, South Korea and China grew to 58%. The federal CHIPS program has showered billions of dollars on Intel for fabs in several states, Taiwan Semiconductor Manufacturing Co.in Arizona and GlobalFoundries in New York and Vermont. SK Hynix hopes for support as well.

Subsidies alone won't guarantee a sustainable industry. Fabs need customers, a supply chain and, above all, a skilled, specialized workforce. From 2000 to 2017, U.S. employment in semiconductor manufacturing shrank to 181,000 from 287,000. It has since recovered to about 200,000. Why did the U.S. share of semiconductor production shrink? As in other industries, the U.S. became an expensive place to manufacture. Susan Houseman of the Upjohn Institute, who has studied outsourcing, said this wasn't "primarily a story about offshoring." U.S. companies still lead in chip design: Nvidia in artificial intelligence, Qualcomm in communications and Apple in smartphones. Over time they mostly contracted out fabrication of their chips to foundries such as TSMC who benefited from generous domestic subsidies. The theory behind CHIPS is that, by matching Asia's subsidies, the U.S. can again be competitive in chip making. Nonetheless, there is a chicken-egg problem. Fabs need a ready supply of skilled workers. But without fabs, America's best and brightest have little incentive to pursue careers in the sector.

Liam Proven reports via The Register: Bad news for those who want to play with OpenVMS in non-production use. Older versions are disappearing, and the terms are getting much more restrictive. The corporation behind the continued development of OpenVMS, VMS Software, Inc. -- or VSI to its friends, if it has any left after this -- has announced the latest Updates to the Community Program. The news does not look good: you can't get the Alpha and Itanium versions any more, only a limited x86-64 edition.

OpenVMS is one of the granddaddies of big serious OSes. A direct descendant of the OSes that inspired DOS, CP/M, OS/2, and Windows, as well as the native OS of the hardware on which Unix first went 32-bit, VMS has been around for nearly half a century. For decades, its various owners have offered various flavors of "hobbyist program" under which you could get licenses to install and run it for free, as long as it wasn't in production use. Since Compaq acquired DEC, then HP acquired Compaq, its prospects looked checkered. HP officially killed it off in 2013, then in 2014 granted it a reprieve and sold it off instead. New owner VSI ported it to x86-64, releasing that new version 9.2 in 2022. Around this time last year, we covered VSI adding AMD support and opening a hobbyist program of its own. It seems from the latest announcement that it has been disappointed by the reception: "Despite our initial aspirations for robust community engagement, the reality has fallen short of our expectations. The level of participation in activities such as contributing open source software, creating wiki articles, and providing assistance on forums has not matched the scale of the program. As a result, we find ourselves at a crossroads, compelled to reassess and recalibrate our approach."

Although HPE stopped offering hobbyist licenses for the original VAX versions of OpenVMS in 2020, VSI continued to maintain OpenVMS 8 (in other words, the Alpha and Itanium editions) while it worked on version 9 for x86-64. VSI even offered a Student Edition, which included a freeware Alpha emulator and a copy of OpenVMS 8.4 to run inside it. Those licenses run out in 2025, and they won't be renewed. If you have vintage DEC Alpha or HP Integrity boxes with Itanic chips, you won't be able to get a legal licensed copy of OpenVMS for them, or renew the license of any existing installations -- unless you pay, of course. There will still be a Community license edition, but from now on it's x86-64 only. Although OpenVMS 9 mainly targets hypervisors anyway, it does support bare-metal operations on a single model of HPE server, the ProLiant DL380 Gen10. If you have one of them to play with -- well, tough. Now Community users only get a VM image, supplied as a VMWare .vmdk file. It contains a ready-to-go "OpenVMS system disk with OpenVMS, compilers and development tools installed." Its license runs for a year, after which you will get a fresh copy. This means you won't be able to configure your own system and keep it alive -- you'll have to recreate it, from scratch, annually. The only alternative for those with older systems is to apply to be an OpenVMS Ambassador.

It's the world's most widely used vulnerability database, reports SC Magazine, offering standards-based data on CVSS severity scores, impacted software and platforms, contributing weaknesses, and links to patches and additional resources.

But "there is a growing backlog of vulnerabilities" submitted to America's National Vulnerability Database and "requiring analysis", according to a new announcement from the U.S. Commerce Department's National Institute of Standards. "This is based on a variety of factors, including an increase in software and, therefore, vulnerabilities, as well as a change in interagency support." From SC Magazine: According to NIST's website, the institute analyzed only 199 of 3370 CVEs it received last month. [And this month another 677 came in — of which 24 have been analyzed.]

Other than a short notice advising it was working to establish a new consortium to improve the NVD, NIST had not provided a public explanation for the problems prior to a statement published [April 2]... "Currently, we are prioritizing analysis of the most significant vulnerabilities. In addition, we are working with our agency partners to bring on more support for analyzing vulnerabilities and have reassigned additional NIST staff to this task as well."

NIST, which had its budget cut by almost 12% this year by lawmakers, said it was committed to continuing to support and manage the NVD, which it described as "a key piece of the nation's cybersecurity infrastructure... We are also looking into longer-term solutions to this challenge, including the establishment of a consortium of industry, government and other stakeholder organizations that can collaborate on research to improve the NVD," the statement said. "We will provide more information as these plans develop..."

A group of cybersecurity professionals have signed an open letter to Congress and Commerce Secretary Gina Raimondo in which they say the enrichment issue is the result of a recent 20% cut in NVD funding.
The article also cites remarks from NVD program manager Tanya Brewer (reported by Infosecurity Magazine) from last week's VulnCon conference on plans to establish a NVD consortium. "We're not going to shut down the NVD; we're in the process of fixing the current problem. And then, we're going to make the NVD robust again and we'll make it grow."

Thanks to Slashdot reader spatwei for sharing the article.

CNN revisits 2003's disastrous landing of the Space Shuttle Columbia tonight with two "immersive" specials co-produced by BBC and Mindhouse Productions "featuring exclusive interviews and revealing never-before-broadcast footage," according to an announcement — with two more specials airing next week.

You can watch a trailer here. Across four episodes, the story of the ticking-clock of Columbia's final mission is told in dramatic detail, beginning months before the troubled launch, unfolding across the sixteen days in orbit, and concluding with the investigation into the tragic loss of the seven astronauts' lives. Weaving together intimate footage shot by the astronauts themselves inside the orbiter, exclusive first-hand testimony from family members of the Shuttle's crew, key players at NASA — some of whom have never spoken before — and journalists who covered the story on the ground, the series paints an intimate portrait of the women and men onboard and uncovers in forensic detail the trail of events and missed opportunities that ultimately led to disaster.
CNN says the first two episodes will livestream tonight at 9 p.m. EST (time-delayed on the west coast until 9 p.m.PST) — and then be available on-demand starting Monday — "for pay TV subscribers via CNN.com, CNN connected TV and mobile apps." CNN's web site offers a "preview" of its live TV offerings here.

They're promising "the inside story of one America's most iconic institutions, uncovering how financial pressures and a culture of complacency may have contributed to the events of February 1, 2003. The series also reflects on the legacy of the Space Shuttle era, serving as a timely exploration of the challenges and inherent dangers that remain relevant to space travel today."

On its web site CNN has also published two companion articles — one by Rice history professor Douglas Brinkley arguing that NASA "was America's crown jewel. After the Columbia disaster it was never quite the same." Because other shuttle missions had returned safely with "shredded" surface tiles — and because the stalwart Columbia had brought astronauts home from 27 previous flights — many NASA officials were lulled into complacency. They went so far as to assure the pilot and commander via email that "there is no concern ... We have seen the same phenomenon on several other flights and there is absolutely no concern for entry."

NASA officials also decided against enlisting spy satellite photography to examine the shuttle damage more thoroughly. If they had, it's possible that the astronauts could have repaired the spaceplane or at least abandoned it for refuge on the International Space Station...

As the Columbia Accident Investigation Board (CAIB) noted in its final report, "the NASA organizational culture had as much to do with this accident as the foam." All of NASA's launches were suspended for two years. While the shuttles eventually flew again, post-Columbia, the program was stunted and curtailed.
The article notes that since then SpaceX, Blue Origin, and the United Launch Alliance (Lockheed Martin and Boeing) "are thriving today in the space industry," along with Virgin Galactic and Axiom Space. "NASA, far from feeling threatened, has encouraged many of the private companies with massive contracts. The agency already had a long history of dealing with sub-contractors, using its pocketbook to steer aerospace development; that tradition has adjusted seamlessly to the current space economy."

In the other article CNN Space & Science writer Jackie Wattles notes that when America later retired its Space Shuttle program in 2011, "no U.S. astronaut would travel to space on an American-made rocket for nearly a decade."

The foundations behind Rust, Python, Apache, Eclipse, PHP, OpenSSL, and Blender announced plans to create "common specifications for secure software development," based on "existing open source best practices."

From the Eclipse Foundation: This collaborative effort will be hosted at the Brussels-based Eclipse Foundation [an international non-profit association] under the auspices of the Eclipse Foundation Specification Process and a new working group... Other code-hosting open source foundations, SMEs, industry players, and researchers are invited to join in as well.

The starting point for this highly technical standardisation effort will be today's existing security policies and procedures of the respective open source foundations, and similar documents describing best practices.

The governance of the working group will follow the Eclipse Foundation's usual member-led model but will be augmented by explicit representation from the open source community to ensure diversity and balance in decision-making. The deliverables will consist of one or more process specifications made available under a liberal specification copyright licence and a royalty-free patent licence... While open source communities and foundations generally adhere to and have historically established industry best practices around security, their approaches often lack alignment and comprehensive documentation.

The open source community and the broader software industry now share a common challenge: legislation has introduced an urgent need for cybersecurity process standards.
The Apache Foundation notes the working group is forming partly "to demonstrate our commitment to cooperation with and implementation of" the EU's Cyber Resilience Act. But the Eclipse Foundation adds that even before it goes into effect in 2027, they're recognizing open source software's "increasingly vital role in modern society" and an increasing need for reliability, safety, and security, so new regulations like the CRA "underscore the urgency for secure by design and robust supply chain security standards."

Their announcement adds that "It is also important to note that it is similarly necessary that these standards be developed in a manner that also includes the requirements of proprietary software development, large enterprises, vertical industries, and small and medium enterprises." But at the same time, "Today's global software infrastructure is over 80% open source... [W]hen we discuss the 'software supply chain,' we are primarily, but not exclusively, referring to open source."

"We invite you to join our collaborative effort to create specifications for secure open source development," their announcement concludes," promising initiative updates on a new mailing list. "Contribute your ideas and participate in the magic that unfolds when open source foundations, SMEs, industry leaders, and researchers combine forces to tackle big challenges."

The Python Foundation's announcement calls it a "community-driven initiative" that will have "a lasting impact on the future of cybersecurity and our shared open source communities."

The San Francisco Chronicle reports that Tesla "is poised to roll out its version of a robotaxi later this year, according to CEO Elon Musk." ("Musk made the announcement on social media saying 'Tesla Robotaxi unveil on 8/8.' His cryptic post contained no other details about the forthcoming line of autonomous vehicles.")

Electrek thinks they know what it'll look like. "Through Walter Issacson's approved biography of Musk, we learned that Tesla Robotaxi will be 'Cybertruck-like'."

8/8 (of the year 2024) would be a Thursday — although CNBC adds one additional clarification: At Tesla, "unveil" dates do not predict a near-future date for a commercial release of a new product. For example, Tesla unveiled its fully electric heavy-duty truck, the Semi, in 2017 and did not begin deliveries until December 2022. It still produces and sells very few Semis to this day.
"Tesla shares rose over 3% in extended trading after Musk's tweet."

Slashdot reader Mononymous writes: The latest release of OpenBSD, the FOSS Unix-like operating system focused on correctness and security over features and performance, has been released. This version includes newer driver support, performance improvements, stability fixes, and lots of package updates. One highlight is a complete port of KDE Plasma 5.

You can view the announcement and get the bits at OpenBSD.org.
Phoronix reports that with OpenBSD 7.5 "there is a number of improvements for ARM (AArch64) hardware, never-ending kernel optimizations and other tuning work, countless package updates, and other adjustments to this popular BSD platform."

An anonymous reader quotes a report from the Daily Hive: It is now the third consecutive day a major housing funding announcement has been made by Prime Minister Justin Trudeau. Friday's announcement entails over $600 million in investments targeted to help lower the construction cost of homes and speed up building timelines, with a new focus on creating new building innovation technologies. This includes a new $50 million Homebuilding Technology and Innovation Fund, which the federal government aims to leverage an additional $150 million from the private sector and other levels of government. Another $50 million will be invested in ideas and technology such as prefabricated housing factories, mass timber production, panelization, 3D printing, and pre-approved home design catalogues -- specifically projects already funded.

As well, $11.6 million will go towards the federal government's previously announced Housing Design Catalogue to create a standardized home structure design for simplicity as well as construction and cost efficiencies. The vast majority of today's announced funding will go into the federal Apartment Construction Loan Program, which provides low-cost financing to support new rental housing projects using innovative construction techniques from prefabricated and modular housing manufacturers as well as other homebuilders. Prime Minister Justin Trudeau said in a statement: "We're changing the way we build homes in Canada. In Budget 2024, we're supporting a new approach to construction, with a focus on innovation and technology. This will make it easier and more cost-effective to build more homes, faster. You should be able to live in the community you love, at a price you can afford."

AMD plans to document and open source its Micro Engine Scheduler (MES) firmware for GPUs, giving users more control over Radeon graphics cards. From a report: It's part of a larger effort AMD confirmed earlier this week about making its GPUs more open source at both a software level in respect to the ROCm stack for GPU programming and a hardware level. Details were scarce with this initial announcement, and the only concrete thing it introduced was a GitHub tracker.

However, yesterday AMD divulged more details, specifying that one of the things it would be making open source was the MES firmware for Radeon GPUs. AMD says it will be publishing documentation for MES around the end of May, and will then release the source code some time afterward. For one George Hotz and his startup, Tiny Corp, this is great news. Throughout March, Hotz had agitated for AMD to make MES open source in order to fix issues he was experiencing with his RX 7900 XTX-powered AI server box. He had talked several times to AMD representatives, and even the company's CEO, Lisa Su.

An anonymous reader quotes a report from Android Police, written by Dhruv Bhutani: As someone who is an early adopter of all things smart and has invested a significant amount of money in building a fancy smart home, it saddens me to say that I feel cheated by the thousands of dollars I've spent on smart devices. And it's not a one-off. Amazon's recent move to block off local ADB connections on Fire TV devices is the latest example in a long line of grievances. A brand busy wrestling away control from the consumer after they've bought the product, the software update gimps a feature that has been present on the hardware ever since it launched back in 2014. ADB-based commands let users take deep control of the hardware, and in the case of the Fire TV hardware, it can drastically improve the user experience. [...] A few years ago, I decided to invest in the NVIDIA Shield. The premium streamer was marketed as a utopia for streaming online and offline sources with the ability to plug in hard drives, connect to NAS drives, and more. At launch, it did precisely that while presenting a beautiful, clean interface that was a joy to interact with. However, subsequent updates have converted what was otherwise a clean and elegant solution to an ad-infested overlay that I zoom past to jump into my streaming app of choice. This problem isn't restricted to just the Shield. Even my Google TV running Chromecast has a home screen that's more of an advertising space for Google than an easy way to get to my content.

But why stop at streaming boxes? Google's Nest Hubs are equal victims of feature deterioration. I've spent hundreds of dollars on Nest Hubs and outfitted them in most of my rooms and washrooms. However, Google's consistent degradation of the user experience means I use these speakers for little more than casting music from the Spotify app. The voice recognition barely works on the best of days, and when it does, the answers tend to be wildly inconsistent. It wasn't always the case. In fact, at launch, Google's Nest speakers were some of the best smart home interfaces you could buy. You'd imagine that the experience would only improve from there. That's decidedly not the case. I had high hopes that the Fuchsia update would fix the broken command detection, but that's also not the case. And good luck to you if you decided to invest in Google Assistant-compatible displays. Google's announcement that it would no longer issue software or security updates to third-party displays like the excellent Lenovo Smart Display, right after killing the built-in web browser, is pretty wild. It boggles my mind that a company can get away with such behavior.

Now imagine the plight of Nest Secure owners. A home security system isn't something one expects to switch out for many many years. And yet, Google decided to kill the Nest Secure home monitoring solution merely three years after launching the product range. While I made an initial investment in the Nest ecosystem, I've since switched over to a completely local solution that is entirely under my control, stores data locally, and won't be going out of action because of bad decision-making by another company. "It's clear to me that smart home devices, as they stand, are proving to be very poor investments for consumers," Bhutani writes in closing. "Suffice it to say that I've paused any future investments in smart devices, and I'll be taking a long and hard look at a company's treatment of its current portfolio before splurging out more cash. I'd recommend you do the same."

"After being in development since 2019, the huge NetBSD 10.0 is out today as a wonderful Easter surprise," reports Phoronix: NetBSD 10 provides WireGuard support, support for many newer Arm platforms including for Apple Silicon and newer Raspberry Pi boards, a new Intel Ethernet drive, support for Realtek 2.5GbE network adapters, SMP performance improvements, automatic swap encryption, and an enormous amount of other hardware support improvements that accumulated over the past 4+ years.

Plus there is no shortage of bug fixes and performance optimizations with NetBSD 10. Some tests of NetBSD 10.0 in development back during 2020 showed at that point it was already 12% faster than NetBSD 9.
"A lot of development went into this new release," NetBSD wrote on their blog, saying "This also caused the release announcement to be one of the longest we ever did."

Among the new userspace programs is warp(6), which they describe as a "classic BSD space war game (copyright donated to the NetBSD Foundation by Larry Wall)."

A Linux Foundation subsidiary has developed a free and open-source 3D game engine distributed under the Apache license. And last week the Open 3D Foundation announced "a big step forward, showcasing the power of open-source technologies in giving gamers around the globe unforgettable gaming experiences."

"We are proud to unveil MadWorld as the first mobile title powered by O3DE," said Joe Bryant, Executive Director of the Open 3D Foundation, "demonstrating the large potential of open-source technologies in game development."

And then this week Los Angeles Business Journal reported that El Segundo-based gaming studio Carbonated Inc. "has raised $11 million of series A funding to finance the development and release of its debut game title... Prior to its most recent round, Carbonated closed an $8.5 million seed funding round in 2020, which also included participation from Andreessen and Bitkraft." Since its founding [in 2015], the company has been focusing on research and development for its upcoming first title, called "MadWorld." The third-person, multiplayer shooter game is set in a post-apocalyptic world and features both player-versus-player and player-versus-environment features. Players of the game will battle for land control in a dystopian setting. Using a combination of open-source mapping tools and Carbonated's proprietary custom operations technology, called Carbyne, the game's world is designed around real-life cities and locations. Players are initially dropped into the game's version of their own real-time location.

The game allows players to optionally engage using blockchain technology with a digital asset-ownership layer powered by a blockchain network called XPLA.
Earlier this month Madworld "opened up for Early Access registration," reports the egamers web site, arguing that the game "is set to redefine the gaming landscape and will make its public debut later this year." After a catastrophic event named "The Collapse," MadWorld takes place in a desolate Earth where players engage in a battle for survival, highlighting the game's unique setting and immersive experience. The game's world is intricately designed with 250,000 land plots mapped out on a hexagonal grid, each presenting unique resources and strategic benefits. This innovative approach to game design enhances the gameplay experience and introduces a new layer of strategy and competition.

MadWorld's gameplay is centered around integrating Web3 technologies, which allows for the ownership, enhancement, and trading of tokenized representations of real-world locations. This feature encourages players to create clans and work together or compete for essential resources that are spread across the vast game world. Clans can acquire these resources by paying tributes to NFT landowners using "Rounds," the in-game currency. This mechanism not only fosters a sense of community and teamwork but also creates unique economic opportunities within the game by blending traditional gaming elements with the emerging field of digital assets.
"With its use of O3DE, Carbonated can enhance the game's visual fidelity, performance, and scalability," according to the Linux Foundation's announcement, "in order to deliver a fast-paced adventure on mobile platforms." O3DE is an open-source game engine developed by a collaborative community of industry experts. It includes state-of-the-art rendering capabilities, dynamic lighting, and realistic physics simulation. These features have enabled Carbonated to build realistic dystopian environments and create action-packed gameplay in MadWorld.
According to its official site, MadWorld "is set to be released to the public sometime in 2024 and is currently being tested on iOS and Android operating systems."

Carbonated's CEO Travis Boatman made this prediction to the site Decrypt. "We think mobile is where the breakout will happen for Web3."

BrianFagioli shares a report from BetaNews: In a recent security announcement, Red Hat's Information Risk and Security and Product Security teams have identified a critical vulnerability in the latest versions of the 'xz' compression tools and libraries. The affected versions, 5.6.0 and 5.6.1, contain malicious code that could potentially allow unauthorized access to systems. Fedora Linux 40 users and those using Fedora Rawhide, the development distribution for future Fedora builds, are at risk.

The vulnerability, designated CVE-2024-3094, impacts users who have updated to the compromised versions of the xz libraries. Red Hat urges all Fedora Rawhide users to immediately cease using the distribution for both work and personal activities until the issue is resolved. Plans are underway to revert Fedora Rawhide to the safer xz-5.4.x version, after which it will be safe to redeploy Fedora Rawhide instances. Although Fedora Linux 40 builds have not been confirmed to be compromised, Red Hat advises users to downgrade to a 5.4 build as a precautionary measure. An update reverting xz to 5.4.x has been released and is being distributed to Fedora Linux 40 users through the normal update system. Users can expedite the update by following instructions provided by Red Hat. Further reader submissions: xz/liblzma Backdoored, Facilitating ssh Compromise;
Malicious Code Discovered in Popular XZ Utils.

An anonymous reader quotes a report from Ars Technica: NYC's "MyCity" ChatBot was rolled out as a "pilot" program last October. The announcement touted the ChatBot as a way for business owners to "save ... time and money by instantly providing them with actionable and trusted information from more than 2,000 NYC Business web pages and articles on topics such as compliance with codes and regulations, available business incentives, and best practices to avoid violations and fines." But a new report from The Markup and local nonprofit news site The City found the MyCity chatbot giving dangerously wrong information about some pretty basic city policies. To cite just one example, the bot said that NYC buildings "are not required to accept Section 8 vouchers," when an NYC government info page says clearly that Section 8 housing subsidies are one of many lawful sources of income that landlords are required to accept without discrimination. The Markup also received incorrect information in response to chatbot queries regarding worker pay and work hour regulations, as well as industry-specific information like funeral home pricing. Further testing from BlueSky user Kathryn Tewson shows the MyCity chatbot giving some dangerously wrong answers regarding treatment of workplace whistleblowers, as well as some hilariously bad answers regarding the need to pay rent.

MyCity's Microsoft Azure-powered chatbot uses a complex process of statistical associations across millions of tokens to essentially guess at the most likely next word in any given sequence, without any real understanding of the underlying information being conveyed. That can cause problems when a single factual answer to a question might not be reflected precisely in the training data. In fact, The Markup said that at least one of its tests resulted in the correct answer on the same query about accepting Section 8 housing vouchers (even as "ten separate Markup staffers" got the incorrect answer when repeating the same question). The MyCity Chatbot -- which is prominently labeled as a "Beta" product -- does tell users who bother to read the warnings that it "may occasionally produce incorrect, harmful or biased content" and that users should "not rely on its responses as a substitute for professional advice." But the page also states front and center that it is "trained to provide you official NYC Business information" and is being sold as a way "to help business owners navigate government." NYC Office of Technology and Innovation Spokesperson Leslie Brown told The Markup that the bot "has already provided thousands of people with timely, accurate answers" and that "we will continue to focus on upgrading this tool so that we can better support small businesses across the city."

AmiMoJo writes: In a major surprise, all twenty episodes of the second season of the animated series 'Star Trek: Prodigy' have suddenly been made available in France thanks to broadcaster France Televisions.

According to TrekCentral it seems France.TV, the online streaming service for the national public broadcaster, has released the entirety of the second season all at once and without any prior warning or announcement.

This has led to questions online as to how this happened. Paramount+ unexpectedly canceled the series in June last year -- even as a second season had almost finished production and was completed shortly after. It took numerous fan campaigns and social media protests but ultimately Netflix picked up both completed seasons in October 2023. The streamer has confirmed the twenty episode second season will arrive this year but hasn't set a specific date as yet.

Today's unexpected release in France has many wondering if this a mistake, or is this the result of a specific licensing deal with that country and distributor. Either way, spoilers for the new season are already flooding online along with a lot of people calling for fans to wait for the official release and support the creators.

Whether intentional or not, it's not clear if Netflix will shift its release strategy for the new season in the wake of this.

The BBC says it has stopped using AI to promote Doctor Who after receiving complaints from viewers. Deadline reports: The BBC's marketing teams used the tech "as part of a small trial" to help draft some text for two promotional emails and mobile notifications, according to its complaints website, which was intended to highlight Doctor Who programming on the BBC. But the corporation received complaints over the reports that it was using generative AI, it added. "We followed all BBC editorial compliance processes and the final text was verified and signed-off by a member of the marketing team before it was sent," the BBC said. "We have no plans to do this again to promote Doctor Who."

The decision to stop promoting via generative AI represents a u-turn from the BBC, who said at the time of announcement that "generative AI offers a great opportunity to speed up making the extra assets to get more experiments live for more content that we are trying to promote." At the time, the BBC didn't mention that this would be the only time it uses the technology for Doctor Who promotion. Doctor Who will launch in May on the BBC and, for the first time, Disney+. A new trailer was unveiled last week.

Atlas VPN informed customers on Monday that it will discontinue its services on April 24, citing technological demands, market competition, and escalating costs as key factors in the decision. The company said it will transfer its paid subscribers to its sister company, NordVPN, for the remainder of their subscription period to ensure uninterrupted VPN services.

"It's a bad day for bugs," joked TechCrunch on Wednesday. "Earlier today, Sentry announced its AI Autofix feature for debugging production code..."

And then the same day, BleepingComputer reported that GitHub "introduced a new AI-powered feature capable of speeding up vulnerability fixes while coding." This feature is in public beta and automatically enabled on all private repositories for GitHub Advanced Security customers. Known as Code Scanning Autofix and powered by GitHub Copilot and CodeQL, it helps deal with over 90% of alert types in JavaScript, Typescript, Java, and Python... After being toggled on, it provides potential fixes that GitHub claims will likely address more than two-thirds of found vulnerabilities while coding with little or no editing.

"When a vulnerability is discovered in a supported language, fix suggestions will include a natural language explanation of the suggested fix, together with a preview of the code suggestion that the developer can accept, edit, or dismiss," GitHub's Pierre Tempel and Eric Tooley said...

Last month, the company also enabled push protection by default for all public repositories to stop the accidental exposure of secrets like access tokens and API keys when pushing new code. This was a significant issue in 2023, as GitHub users accidentally exposed 12.8 million authentication and sensitive secrets via more than 3 million public repositories throughout the year.
GitHub will continue adding support for more languages, with C# and Go coming next, according to their announcement.

"Our vision for application security is an environment where found means fixed."

Long-time Slashdot reader HanzoSpam shared an announcement from the University of California San Diego.

The school's researchers teamed with materials-science company Algenesis to show "that their plant-based polymers biodegrade — even at the microplastic level — in under seven months." "We're trying to find replacements for materials that already exist, and make sure these replacements will biodegrade at the end of their useful life instead of collecting in the environment," stated Professor of Chemistry and Biochemistry Michael Burkart, one of the paper's authors and an Algenesis co-founder. "That's not easy."

"When we first created these algae-based polymers about six years ago, our intention was always that it be completely biodegradable," said another of the paper's authors, Robert Pomeroy, who is also a professor of chemistry and biochemistry and an Algenesis co-founder. "We had plenty of data to suggest that our material was disappearing in the compost, but this is the first time we've measured it at the microparticle level...."

"This material is the first plastic demonstrated to not create microplastics as we use it," said Stephen Mayfield, a paper coauthor, School of Biological Sciences professor and co-founder of Algenesis. "This is more than just a sustainable solution for the end-of-product life cycle and our crowded landfills. This is actually plastic that is not going to make us sick."

Creating an eco-friendly alternative to petroleum-based plastics is only one part of the long road to viability. The ongoing challenge is to be able to use the new material on pre-existing manufacturing equipment that was originally built for traditional plastic, and here Algenesis is making progress. They have partnered with several companies to make products that use the plant-based polymers developed at UC San Diego, including Trelleborg for use in coated fabrics and RhinoShield for use in the production of cell phone cases.

"When we started this work, we were told it was impossible," stated Burkart. "Now we see a different reality. There's a lot of work to be done, but we want to give people hope. It is possible."

"Vernor Vinge, who three times won the Hugo for best novel, has died," writes Slashdot reader Felix Baum. Ars Technica reports: On Wednesday, author David Brin announced that Vernor Vinge, sci-fi author, former professor, and father of the technological singularity concept, died from Parkinson's disease at age 79 on March 20, 2024, in La Jolla, California. The announcement came in a Facebook tribute where Brin wrote about Vinge's deep love for science and writing. "A titan in the literary genre that explores a limitless range of potential destinies, Vernor enthralled millions with tales of plausible tomorrows, made all the more vivid by his polymath masteries of language, drama, characters, and the implications of science," wrote Brin in his post.

As a sci-fi author, Vinge won Hugo Awards for his novels A Fire Upon the Deep (1993), A Deepness in the Sky (2000), and Rainbows End (2007). He also won Hugos for novellas Fast Times at Fairmont High (2002) and The Cookie Monster (2004). As Mike Glyer's File 770 blog notes, Vinge's novella True Names (1981) is frequency cited as the first presentation of an in-depth look at the concept of "cyberspace." Vinge first coined the term "singularity" as related to technology in 1983, borrowed from the concept of a singularity in spacetime in physics.

When discussing the creation of intelligences far greater than our own in an 1983 op-ed in OMNI magazine, Vinge wrote, "When this happens, human history will have reached a kind of singularity, an intellectual transition as impenetrable as the knotted space-time at the center of a black hole, and the world will pass far beyond our understanding." In 1993, he expanded on the idea in an essay titled The Coming Technological Singularity: How to Survive in the Post-Human Era.